Trick user to send private key password to compromised host
Dan Yefimov
dan at nf15.lightwave.net.ru
Wed May 21 00:01:42 EST 2008
On Tue, 20 May 2008, Damien Miller wrote:
> Fixing this is not as simple as putting a "you are now authenticated"
> message somewhere. Keyboard-interactive authentication can display
> arbitrary prompts, so a compromised server may display the spoofed
> question prior to authentication success.
Sure, but IIRC we consider the case of requesting the private key passphrase
for public key authentication. As soon as public key authentication succeeds
and the client displays an "Authentication succeeded" message, any other
passphrase prompts can certainly be assumed to be bogus ones.
> Furthermore, in a ttyful environment, connections any warning message
> can be erased through terminal manipulation.
>
Sure again, but that could be to some degree worked around by using a bell
character in the "Authentication succeeded" message and documenting that. For
keyboard-interactive prompts, as a countermeasure, control characters can be
either quoted or even stripped before displaying prompts.
> A so-compromised server could also pretend to fail pubkey authentication
> entirely and ask for the user's password, which seems to be a more grave
> threat (and completely impossible to defend against from the client side).
>
Nothing can completely defend against compromised host actions. But displaying
a message that public key authentication has failed can at least give a careful
user a hint that something is going wrong. Something is better than nothing.
--
Sincerely Your, Dan.
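
Added example, not part of the original message and not OpenSSH code: one way the countermeasure mentioned above (quoting control characters in keyboard-interactive prompts before display) could look in C. The name `sanitize_prompt`, the `\xNN` quoting style and the sample prompt are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/*
 * sanitize_prompt (hypothetical helper): copy a server-supplied prompt into
 * dst, quoting every byte that could drive the terminal. Control bytes
 * (ESC, BEL, CR, BS, ...), DEL and bytes >= 0x80 (8-bit C1 controls; this
 * conservative choice also quotes UTF-8 text) become \xNN. Backslash is
 * doubled so quoted output cannot be confused with literal text. Newline
 * and tab are kept because prompts legitimately use them.
 * Returns the output length, or (size_t)-1 if dst is too small.
 */
size_t
sanitize_prompt(const char *src, char *dst, size_t dstlen)
{
	static const char hex[] = "0123456789abcdef";
	size_t o = 0;

	for (; *src != '\0'; src++) {
		unsigned char c = (unsigned char)*src;
		int printable = (c >= 0x20 && c < 0x7f) || c == '\n' || c == '\t';
		size_t need = (c == '\\') ? 2 : (printable ? 1 : 4);

		if (o + need >= dstlen)		/* always leave room for the NUL */
			return (size_t)-1;
		if (c == '\\') {
			dst[o++] = '\\'; dst[o++] = '\\';
		} else if (printable) {
			dst[o++] = (char)c;
		} else {
			dst[o++] = '\\'; dst[o++] = 'x';
			dst[o++] = hex[c >> 4]; dst[o++] = hex[c & 0x0f];
		}
	}
	if (o >= dstlen)			/* only reachable when dstlen == 0 */
		return (size_t)-1;
	dst[o] = '\0';
	return o;
}

int main(void)
{
	/* Constructed sample: a prompt that tries to erase the current line. */
	const char *prompt = "\r\x1b[2KEnter passphrase: ";
	char out[128];
	if (sanitize_prompt(prompt, out, sizeof(out)) != (size_t)-1)
		printf("%s\n", out);	/* escape bytes shown as visible text */
	return 0;
}
```

With the prompt quoted this way, an earlier client message on the terminal stays on screen and the attempted manipulation itself becomes visible to the user.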